The processor is the vicarious agent of the data processing controller. He/she may only process the data within the framework of the specific order or only for the purpose specified by the controller. In doing so, an agreement between the controller and processor is mandatory (Article 28 GDPR).

Data subject
A data subject is any person whose personal data is being used for data processing. He/she is the core subject of data protection law.

Cloud (Cloud Computing)
Cloud computing describes the provision of an IT infrastructure, for example memory, computing power or application software as a service via the internet.

Link / interface between two IT systems

Data subject
Technical term for the data subject in terms of the GDPR. See data subject.

(European) General Data Protection Regulation

Event Tracking
Event tracking refers to the recording of all processes of a system. In conjunction with the GDPR, an event is understood as a process in which personal data is used.

Software as a Service is the possibility of using software without requiring installation. In doing so, the software is carried out in the cloud and can be used via the browser.

Security by Design
Security by Design is a concept where IT ensures that the systems are designed free of weak spots and are therefore insensitive to attacks during the development of hardware and software. This can be done by choosing technology or through the implementation - in other words, the written code.